Vulnerability Note VU#414240

Overview

Mozilla Mail contains a vulnerability in the display routines for VCards. By sending an email message with a crafted VCard, a remote attacker may be able to execute arbitrary code on the victim's machine with the privileges of the current user.

Description

Mozilla Mail contains a stack overflow vulnerability in the display routines for VCards. By sending an email message with a crafted VCard, a remote attacker may be able to execute arbitrary code on the victim's machine with the privileges of the current user. This can be exploited in the preview mode as well.

Impact

A remote attacker may be able to execute arbitrary code on the victim's machine with the privileges of the current user.